⚡ IT Wisdom My Kubernetes cluster keeps crashing. It's running in production, so that tracks.
Skilled Practitioner
4249 XP 1751 to Expert
Score
37.1%
Not yet
Correct
39
out of 105
Wrong
66
need review
More practice needed. Focus on the wrong answers and use the explanations to understand why.
Wrong Answers (66)
Q4 · Understanding and Using APIs
Your answer: D  ·  Correct: B
A developer is writing a Python script to retrieve a list of network devices from a REST API. The API documentation specifies that requests must be authenticated using a custom token passed in the request header as "X-Auth-Token", and that the endpoint is GET https://api.example.com/v1/devices. After running the script below, the developer receives a 401 response code. Which correction should the developer make to fix the authentication issue? import requests url = "https://api.example.com/v1/devices" token = "abc123xyz" headers = {"Authorization": "Bearer " + token} response = requests.get(url, headers=headers) print(response.status_code) print(response.json())
Loading...
Q7 · Cisco Platforms and Development
Your answer: C  ·  Correct: A
A network engineer wants to retrieve a list of all network devices from Cisco Catalyst Center using its REST API. After obtaining an authentication token, which of the following Python code snippets correctly constructs the request to retrieve the device list?
Loading...
Q10 · Understanding and Using APIs
Your answer: A  ·  Correct: B
A developer is building an integration between a payment processing platform and an order management system. The payment platform supports webhooks and can send event notifications to a configured URL whenever a payment is completed, failed, or refunded. The developer wants to avoid polling the payment API every few seconds to check for status updates. Which of the following accurately describes how the developer should implement this webhook-based integration, and what is the primary advantage over polling?
Loading...
Q12 · Understanding and Using APIs
Your answer: A  ·  Correct: B
A developer is building a Python script that needs to interact with two different REST APIs. The first API (Service A) uses OAuth 2.0 and requires a Bearer token passed in the Authorization header. The second API (Service B) uses a simple API key passed as a query parameter named "api_key". The developer writes the following script, but after running it, Service A returns a 200 response while Service B returns a 403 response. Which correction should the developer make to fix the Service B request? import requests token = "eyJhbGciOiJSUzI1NiJ9.abc123" api_key = "sk-prod-9988776655" response_a = requests.get("https://api.service-a.com/data", headers={"Authorization": "Bearer " + token}) print("Service A:", response_a.status_code) response_b = requests.get("https://api.service-b.com/records", headers={"api_key": api_key}) print("Service B:", response_b.status_code)
Loading...
Q14 · Infrastructure and Automation
Your answer: A  ·  Correct:
A network automation engineer is reviewing an Ansible playbook that was written to configure a new Linux application server. The engineer needs to understand what the playbook will do before approving it for production. Examine the following playbook: --- - name: Configure application server hosts: app_servers become: yes tasks: - name: Install required packages apt: name: - nginx - python3 - python3-pip state: present update_cache: yes - name: Create application user user: name: appuser shell: /bin/bash state: present create_home: yes - name: Start and enable nginx service: name: nginx state: started enabled: yes - name: Deploy application config copy: src: /files/app.conf dest: /etc/nginx/conf.d/app.conf owner: appuser mode: '0644' notify: Reload nginx handlers: - name: Reload nginx service: name: nginx state: reloaded Which of the following accurately describes the complete workflow being automated by this playbook?
Loading...
Q16 · Understanding and Using APIs
Your answer: D  ·  Correct: B
A developer is building a Python script that needs to submit a new support ticket to a help desk system via REST API. The API documentation specifies the following: - Endpoint: POST https://helpdesk.example.com/api/v2/tickets - Authentication: API key passed in the request header as "X-API-Key" - Request body must be JSON with fields: "title" (string), "priority" (integer), and "description" (string) - Success response: 201 Created The developer writes the following script: import requests url = "https://helpdesk.example.com/api/v2/tickets" api_key = "hd-key-4429910" payload = {"title": "VPN not connecting", "priority": 2, "description": "User cannot connect to VPN"} response = requests.post(url, headers={"X-API-Key": api_key}, data=payload) print(response.status_code) After running the script, the developer receives a 400 Bad Request response instead of a 201. Which of the following is the most likely cause, and what is the correct fix?
Loading...
Q17 · Software Development and Design
Your answer: D  ·  Correct: A
A development team is using Git for version control on a shared Python project. A developer named Alex is working on a new feature in a branch called `feature/user-auth`. Meanwhile, another developer named Jordan merges an update to the `main` branch that modifies the same section of `config.py` that Alex has been editing. When Alex runs `git merge main` from the `feature/user-auth` branch to pull in Jordan's latest changes, Git reports a merge conflict in `config.py`. Alex opens the file and sees the following: <<<<<<< HEAD AUTH_TIMEOUT = 30 AUTH_PROVIDER = "local" ======= AUTH_TIMEOUT = 60 AUTH_PROVIDER = "ldap" >>>>>>> main The team has agreed that the production environment requires LDAP authentication with a 30-second timeout. Which of the following steps correctly resolves the conflict and finalizes the merge?
Loading...
Q19 · Understanding and Using APIs
Your answer: A  ·  Correct:
A developer is building a Python script that retrieves telemetry data from a cloud monitoring API. The API documentation specifies the following: - Endpoint: GET https://monitoring.example.com/api/v1/metrics - Authentication: Bearer token passed in the Authorization header - Optional query parameter: "device_id" to filter results by device - The API returns JSON with a top-level key called "metrics" containing a list of metric objects - Successful response: 200 OK - If the token is expired: 401 Unauthorized - If the device_id does not exist: 404 Not Found The developer writes the following script to retrieve metrics for device "router-99" and print each metric name: import requests url = "https://monitoring.example.com/api/v1/metrics" token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9" response = requests.get(url, headers={"Authorization": "Bearer " + token}, params={"device_id": "router-99"}) if response.status_code == 200: data = response.json() for metric in data["results"]: print(metric["name"]) elif response.status_code == 401: print("Token expired. Please re-authenticate.") elif response.status_code == 404: print("Device not found.") After running the script, the API returns a 200 OK response, but the script raises a KeyError. Which of the following is the most likely cause, and what is the correct fix?
Loading...
Q21 · Understanding and Using APIs
Your answer: D  ·  Correct: B
A developer is designing two separate integrations for an enterprise platform. The first integration connects to a legacy internal service that exposes operations as named functions — such as "getUser()", "createTicket()", and "deleteRecord()" — called over HTTP using a structured request payload. The second integration consumes a modern external API that models all resources as URLs, uses standard HTTP methods (GET, POST, PUT, DELETE) to represent actions, and returns stateless responses. The developer needs to classify each API style correctly before writing the client code, as each style requires a different request structure. Which of the following correctly identifies the API style used by each integration?
Loading...
Q23 · Infrastructure and Automation
Your answer: B  ·  Correct:
A network engineer is reviewing the following partial YANG model snippet and a corresponding RESTCONF response returned when querying a Cisco IOS XE router. The engineer needs to determine whether the response data is valid according to the model structure. YANG model (simplified): module ietf-interfaces { namespace "urn:ietf:params:xml:ns:yang:ietf-interfaces"; prefix if; container interfaces { list interface { key "name"; leaf name { type string; } leaf enabled { type boolean; } leaf description { type string; } container statistics { leaf in-octets { type uint64; } leaf out-octets { type uint64; } } } } } RESTCONF response (JSON): { "ietf-interfaces:interfaces": { "interface": [ { "name": "GigabitEthernet1", "enabled": true, "description": "Uplink to Core", "statistics": { "in-octets": 9482910, "out-octets": 3741200 } } ] } } Which of the following statements correctly interprets the YANG model structure AND assesses the validity of the RESTCONF response against it?
Loading...
Q25 · Infrastructure and Automation
Your answer: C  ·  Correct:
A network automation engineer is reviewing the following unified diff output generated after modifying a RESTCONF-based Python automation script. The team uses code reviews and diff comparisons to track changes before merging to the main branch. Examine the diff below: --- a/provision_device.py +++ b/provision_device.py @@ -12,10 +12,12 @@ BASE_URL = "https://192.168.1.1/restconf/data" HEADERS = { "Content-Type": "application/yang-data+json", - "Accept": "application/json" + "Accept": "application/yang-data+json" } def configure_interface(token, interface_name, ip_address, prefix_len): - url = f"{BASE_URL}/ietf-interfaces:interfaces/interface={interface_name}" - payload = {"name": interface_name, "ip": ip_address} - response = requests.put(url, headers=HEADERS, json=payload, verify=False) + url = f"{BASE_URL}/ietf-interfaces:interfaces/interface={interface_name}/ietf-ip:ipv4" + payload = {"ietf-ip:ipv4": {"address": [{"ip": ip_address, "prefix-length": prefix_len}]}} + response = requests.put(url, headers=HEADERS, json=payload, verify=True) return response.status_code Which of the following most accurately describes ALL of the changes made in this diff and their likely purpose?
Loading...
Q26 · Understanding and Using APIs
Your answer: A  ·  Correct:
A developer is writing a Python script to interact with a REST API that manages cloud virtual machines. The API documentation specifies the following: - List all VMs: GET https://cloud.example.com/api/v2/vms - Create a VM: POST https://cloud.example.com/api/v2/vms - Delete a VM: DELETE https://cloud.example.com/api/v2/vms/{vm_id} - Authentication: Bearer token passed in the Authorization header - Request/response format: JSON - Create VM body must include: "name" (string), "cpu" (integer), "ram_gb" (integer) - Success responses: 200 OK for GET, 201 Created for POST, 204 No Content for DELETE The developer writes the following script to create a new VM named "web-server-01" with 4 CPUs and 8 GB of RAM, then immediately delete it using the ID returned in the creation response: import requests BASE_URL = "https://cloud.example.com/api/v2/vms" TOKEN = "tok-abc987xyz" HEADERS = {"Authorization": "Bearer " + TOKEN} payload = {"name": "web-server-01", "cpu": 4, "ram_gb": 8} create_response = requests.post(BASE_URL, headers=HEADERS, json=payload) vm_id = create_response.json()["id"] delete_response = requests.delete(BASE_URL + vm_id, headers=HEADERS) print("Create:", create_response.status_code) print("Delete:", delete_response.status_code) After running the script, the POST request returns 201 as expected, but the DELETE request returns 404. Which of the following is the most likely cause and the correct fix?
Loading...
Q27 · Application Deployment and Security
Your answer: C  ·  Correct: B
A security engineer is reviewing a Python web application and discovers the following user registration endpoint that accepts form data and inserts it directly into the database: import sqlite3 def register_user(username, email): conn = sqlite3.connect("users.db") cursor = conn.cursor() query = "INSERT INTO users (username, email) VALUES ('" + username + "', '" + email + "')" cursor.execute(query) conn.commit() conn.close() During testing, the engineer submits the following value for the username field: admin'-- The application inserts the record without error and the engineer notices that the email field is never validated. Which of the following BEST identifies the vulnerability present in this code, explains what an attacker could achieve by exploiting it, and describes the correct remediation?
Loading...
Q28 · Cisco Platforms and Development
Your answer: A  ·  Correct:
A developer is writing a Python script to retrieve a list of all spaces (rooms) that the authenticated bot belongs to in Webex, and then post a message to the first space returned. The developer has a valid Webex bot token and is referencing the Webex REST API documentation. The API documentation specifies the following: - List rooms: GET https://webexapis.com/v1/rooms - Create a message: POST https://webexapis.com/v1/messages - Authentication: Bearer token in the Authorization header - Create message body must include: "roomId" (string) and "text" (string) - Success responses: 200 OK for GET, 200 OK for POST The developer writes the following script: import requests TOKEN = "NjFmZDI4YzItYjQ3Yy00" HEADERS = {"Authorization": "Bearer " + TOKEN} BASE_URL = "https://webexapis.com/v1" rooms_response = requests.get(BASE_URL + "/rooms", headers=HEADERS) first_room_id = rooms_response.json()["id"] message_payload = {"roomId": first_room_id, "text": "Hello from the bot!"} message_response = requests.post(BASE_URL + "/messages", headers=HEADERS, json=message_payload) print("Rooms status:", rooms_response.status_code) print("Message status:", message_response.status_code) After running the script, the GET request returns 200 OK, but the script raises a KeyError before the POST request is made. Which of the following is the most likely cause and the correct fix?
Loading...
Q29 · Infrastructure and Automation
Your answer: B  ·  Correct:
A network automation engineer is reviewing the following NETCONF RPC response returned after querying a Cisco IOS XE router for interface configuration. The engineer needs to interpret the response and determine whether the interface is operationally active and correctly addressed. <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101"> <data> <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> <interface> <name>GigabitEthernet2</name> <description>WAN Uplink</description> <enabled>true</enabled> <oper-status>down</oper-status> <ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip"> <address> <ip>10.0.0.1</ip> <prefix-length>30</prefix-length> </address> </ipv4> </interface> </interfaces> </data> </rpc-reply> Which of the following correctly interprets this NETCONF response?
Loading...
Q31 · Network Fundamentals
Your answer: C  ·  Correct: B
A developer is building an application that automatically provisions network devices. The application successfully reaches the management plane of a router to push configuration changes, but end users are still reporting that traffic is not being forwarded correctly between subnets. Which plane on the router is most likely experiencing the issue?
Loading...
Q33 · Understanding and Using APIs
Your answer: D  ·  Correct: B
A developer is integrating with a third-party project management API. The API documentation specifies the following: - Create a task: POST https://api.projecttool.com/v1/tasks - Authentication: API key passed in the request header as "X-API-Key" - Request body must be JSON with fields: "title" (string), "assignee_id" (integer), "due_date" (string in YYYY-MM-DD format), and "tags" (list of strings) - Success response: 201 Created - If authentication fails: 401 Unauthorized - If required fields are missing or malformed: 422 Unprocessable Entity The developer writes the following Python script: import requests url = "https://api.projecttool.com/v1/tasks" api_key = "proj-key-77341" payload = { "title": "Review pull requests", "assignee_id": "1042", "due_date": "2024-09-15", "tags": ["dev", "review"] } response = requests.post(url, headers={"X-API-Key": api_key}, json=payload) print(response.status_code) After running the script, the developer receives a 422 response instead of 201. The authentication header is confirmed to be correct. Which of the following is the most likely cause of the 422 response, and what is the correct fix?
Loading...
Q35 · Understanding and Using APIs
Your answer: D  ·  Correct: B
A developer is building a Python script that polls a network inventory REST API to retrieve all devices. The API documentation specifies the following: - Endpoint: GET https://inventory.example.com/api/v1/devices - Authentication: Basic Authentication (username and password) - The response body is JSON with a top-level key "data" containing a list of device objects, each with a "hostname" and "ip_address" field - Success response: 200 OK - Rate limit: 30 requests per minute - The API enforces a maximum of 100 results per page; additional pages are accessed using a query parameter "page" starting at 1 The developer writes the following script to retrieve and print the hostname and IP address of every device on page 1: import requests url = "https://inventory.example.com/api/v1/devices" response = requests.get(url, auth=("netadmin", "P@ssw0rd!"), params={"page": 1}) if response.status_code == 200: for device in response.json()["devices"]: print(device["hostname"], device["ip_address"]) else: print("Error:", response.status_code) The API returns a 200 OK response, but the script raises a KeyError. The developer confirms that the credentials are correct and the endpoint URL is accurate. Which of the following is the most likely cause of the KeyError, and what is the correct fix?
Loading...
Q38 · Network Fundamentals
Your answer: C  ·  Correct: B
A network administrator is designing an IP addressing scheme for a new office deployment. The office requires 50 usable host addresses for workstations, and the infrastructure team wants to use the smallest subnet possible from the 192.168.10.0 network to avoid wasting IP space. A DHCP server will assign addresses dynamically, and a default gateway will route traffic to the internet. Which subnet mask should the administrator use, how many usable host addresses does it provide, and what is the role of the default gateway in this design?
Loading...
Q39 · Network Fundamentals
Your answer: A  ·  Correct: B
A developer is building a network automation tool that provisions new servers in a data center. When a new server boots up, it must automatically receive an IP address, be reachable by hostname from other application servers, and have its private IP translated to a public IP when communicating with external services. The developer observes that newly provisioned servers receive IP addresses correctly and can ping each other using IP addresses, but DNS-based hostname resolution fails and outbound internet connectivity does not work. Based on this behavior, which two services are most likely misconfigured?
Loading...
Q40 · Application Deployment and Security
Your answer: D  ·  Correct: A
A development team is containerizing a Python Flask application. A junior developer writes the following Dockerfile: FROM python:3.11 WORKDIR /app COPY . . RUN pip install flask requests RUN useradd -m appuser EXPOSE 5000 CMD ["python", "app.py"] A senior engineer reviews the Dockerfile and identifies two problems: first, the application process will run with excessive privileges, and second, the image layers are not optimized for caching — meaning every code change will force pip to reinstall all dependencies unnecessarily. Which of the following modifications correctly addresses BOTH issues?
Loading...
Q41 · Cisco Platforms and Development
Your answer: A  ·  Correct: B
A developer is writing a Python script that uses the Cisco Meraki Dashboard API to retrieve a list of all devices in a specific network. The developer has a valid API key and the target network ID. According to the Meraki API documentation, the endpoint to retrieve devices in a network is GET https://api.meraki.com/api/v1/networks/{networkId}/devices, and the API key must be passed in the request header as "X-Cisco-Meraki-API-Key". The developer writes the following script: import requests API_KEY = "6bcd4321ef0a1b2c3d4e5f67890abcde" NETWORK_ID = "L_123456789012345678" BASE_URL = "https://api.meraki.com/api/v1" url = BASE_URL + "/networks/" + NETWORK_ID + "/devices" response = requests.get(url, headers={"Authorization": "Bearer " + API_KEY}) if response.status_code == 200: for device in response.json(): print(device["name"], device["serial"]) else: print("Error:", response.status_code) After running the script, the developer receives a 401 Unauthorized response. The API key and network ID are confirmed to be correct. Which of the following is the most likely cause and the correct fix?
Loading...
Q42 · Infrastructure and Automation
Your answer: C  ·  Correct: A
A network automation engineer is evaluating two approaches for managing configuration across a fleet of 200 Cisco routers. Approach 1 uses a centralized controller that maintains a network-wide topology model, computes optimal configurations, and pushes changes to all devices simultaneously via NETCONF/YANG. Approach 2 involves writing individual Python scripts that SSH into each device one at a time to apply CLI commands. The team needs to enforce a consistent interface naming standard across all devices and quickly roll back changes if a misconfiguration is detected. Which of the following statements BEST explains why Approach 1 is more suitable for this use case, and correctly identifies a key limitation of Approach 2?
Loading...
Q43 · Infrastructure and Automation
Your answer: D  ·  Correct: A
A network automation engineer is reviewing the following Ansible playbook that was written to automate the management of a Linux-based application server. The engineer must determine the complete workflow being performed before approving it for production use. --- - name: Manage reporting service hosts: reporting_servers become: yes tasks: - name: Install reporting dependencies apt: name: - python3 - python3-pip - libpq-dev state: present update_cache: yes - name: Add reporting service user user: name: reportuser shell: /bin/bash state: present groups: sudo append: yes - name: Stop legacy reporting service service: name: legacy-reporter state: stopped enabled: no - name: Configure new reporting service template: src: templates/reporter.conf.j2 dest: /etc/reporter/reporter.conf owner: reportuser mode: '0640' - name: Start new reporting service service: name: reporter state: started enabled: yes Which of the following accurately describes the complete workflow being automated by this playbook?
Loading...
Q44 · Cisco Platforms and Development
Your answer: A  ·  Correct: C
A developer is writing a Python script that uses the Cisco Catalyst Center (formerly DNA Center) REST API to retrieve a list of all network devices. The developer has obtained a valid authentication token and is referencing the API documentation, which specifies that the endpoint to list network devices is GET https://<catalyst-center-ip>/dna/intent/api/v1/network-device and that the token must be passed in the request header as "X-Auth-Token". The developer writes the following script: import requests BASE_URL = "https://10.10.20.85" TOKEN = "eyJhbGciOiJSUzI1NiJ9.abc123" url = BASE_URL + "/dna/intent/api/v1/network-device" response = requests.get(url, headers={"Authorization": "Bearer " + TOKEN}, verify=False) if response.status_code == 200: devices = response.json()["response"] for device in devices: print(device["hostname"], device["managementIpAddress"]) else: print("Error:", response.status_code) After running the script, the developer receives a 401 Unauthorized response even though the token was recently generated and is confirmed to be valid. Which of the following is the most likely cause and the correct fix?
Loading...
Q46 · Network Fundamentals
Your answer: D  ·  Correct: B
A developer is building a distributed web application where the frontend servers (192.168.5.10–192.168.5.50) communicate with a backend API cluster through a load balancer. The backend cluster is in the 172.16.20.0/24 subnet, and all outbound traffic to external partners exits through a NAT device using a single public IP. During a routine test, the developer discovers that requests from the frontend servers reach the load balancer successfully, but the backend API servers never receive the requests. A network engineer reviews the environment and reports that the load balancer is functioning and the backend servers are reachable via direct IP. Which of the following networking components or configurations is MOST likely causing the traffic to fail between the load balancer and the backend API servers?
Loading...
Q48 · Infrastructure and Automation
Your answer: D  ·  Correct: B
A network automation engineer is evaluating infrastructure automation tools for a large enterprise network. The team needs to manage configuration across hundreds of Cisco and multi-vendor devices, enforce desired state (automatically correcting drift without re-running scripts manually), and represent the entire network infrastructure as version-controlled code files. A colleague proposes using Ansible, while another suggests Terraform. A third engineer recommends Cisco NSO. Which of the following BEST describes the primary distinguishing capability of each tool in the context of network infrastructure automation?
Loading...
Q50 · Infrastructure and Automation
Your answer: B  ·  Correct: A
A network automation engineer is reviewing the following bash script that was written to set up a new application environment on a Linux server. The engineer must understand the complete workflow before approving it for production use. #!/bin/bash mkdir -p /opt/appservice/logs cd /opt/appservice useradd -m -s /bin/bash appservice chown -R appservice:appservice /opt/appservice apt-get update -y apt-get install -y python3 python3-pip curl pip3 install flask gunicorn requests cp /tmp/appservice.conf /etc/systemd/system/appservice.service systemctl daemon-reload systemctl enable appservice systemctl start appservice echo "Deployment complete" >> /opt/appservice/logs/deploy.log Which of the following accurately describes the complete workflow being automated by this script?
Loading...
Q51 · Infrastructure and Automation
Your answer: B  ·  Correct: A
A network automation engineer is designing an infrastructure automation strategy for a large enterprise. The team needs to provision identical configurations across 300 routers whenever a new network policy is approved. The engineer proposes using a YANG model-driven approach with NETCONF instead of traditional CLI-based scripting. Which of the following BEST explains the primary value of model-driven programmability in this context, compared to CLI-based automation?
Loading...
Q52 · Software Development and Design
Your answer: B  ·  Correct: A
A development team is building a Python application that receives configuration data from a REST API response. The response body contains the following: {"device": {"hostname": "router1", "interfaces": [{"name": "GigabitEthernet0/0", "ip": "192.168.1.1"}, {"name": "GigabitEthernet0/1", "ip": "10.0.0.1"}]}} After parsing this response using the Python 'json' module, a developer wants to retrieve the IP address of the second interface. Which expression correctly accesses that value from the parsed data structure?
Loading...
Q55 · Understanding and Using APIs
Your answer: D  ·  Correct: B
A developer is building a Python script that subscribes to real-time event notifications from a cloud platform. The platform supports webhooks and will send HTTP POST requests to a developer-specified URL whenever a resource state changes. The developer has registered the following endpoint as the webhook receiver: https://app.example.com/webhooks/events. During testing, the developer notices that webhook POST requests are arriving at the server, but the server is responding with a 200 OK only after spending 45 seconds processing each event — which includes writing to a database, sending an email notification, and updating a third-party system. Shortly after load testing begins, the cloud platform logs show that many webhook deliveries are being marked as "failed" and are being retried, causing duplicate processing of the same events. Which of the following best explains the root cause of this problem and describes the correct implementation pattern for a webhook receiver?
Loading...
Q59 · Application Deployment and Security
Your answer: C  ·  Correct: B
A development team is preparing to release a Python microservice that handles sensitive customer financial data. As part of their DevOps practices, they are building a CI/CD pipeline with the following stages: Source → Build → Test → Security Scan → Deploy. The team stores database credentials and third-party API keys required by the application. A senior engineer reviews the pipeline and identifies that secrets must be injected securely at runtime rather than stored in source code or baked into Docker images. The engineer also notes that all data transmitted between the microservice and its clients must be protected in transit, and all sensitive data written to the database must be protected at rest. Which of the following BEST describes the correct combination of practices for secret protection, encryption in transport, and encryption at storage?
Loading...
Q60 · Cisco Platforms and Development
Your answer: C  ·  Correct: A
A developer is writing a Python script that uses Cisco NSO's REST API to retrieve the list of all managed devices. The NSO instance is running at https://10.0.0.5:8888, and the developer has valid credentials. According to NSO's RESTCONF-based API, managed devices are accessible at the path /restconf/data/tailf-ncs:devices/device. The developer writes the following script: import requests from requests.auth import HTTPBasicAuth NSO_HOST = "https://10.0.0.5:8888" USERNAME = "admin" PASSWORD = "Admin1234" url = NSO_HOST + "/restconf/data/tailf-ncs:devices/device" response = requests.get(url, auth=HTTPBasicAuth(USERNAME, PASSWORD), headers={"Accept": "application/json"}, verify=False) if response.status_code == 200: devices = response.json()["tailf-ncs:device"] for device in devices: print(device["name"], device["address"]) else: print("Error:", response.status_code) The script returns a 200 OK response, but raises a KeyError on the line that accesses response.json()["tailf-ncs:device"]. The developer prints the raw response body and sees that the top-level key is "tailf-ncs:devices" containing a nested key "device". Which of the following is the correct fix?
Loading...
Q62 · Software Development and Design
Your answer: B  ·  Correct: C
A development team is working on a Python application that reads device configuration data from three different sources: a legacy system that exports data as XML, a modern REST API that returns JSON, and a set of infrastructure-as-code templates written in YAML. A developer writes the following code to parse each format and extract the device hostname: import xml.etree.ElementTree as ET import json import yaml xml_data = "<device><hostname>router-01</hostname><ip>10.0.0.1</ip></device>" json_data = '{"device": {"hostname": "router-01", "ip": "10.0.0.1"}}' yaml_data = "device:\n hostname: router-01\n ip: 10.0.0.1" xml_root = ET.fromstring(xml_data) xml_hostname = xml_root.find("hostname").text json_parsed = json.loads(json_data) json_hostname = json_parsed["device"]["hostname"] yaml_parsed = yaml.safe_load(yaml_data) yaml_hostname = yaml_parsed["hostname"] The developer finds that xml_hostname and json_hostname are retrieved correctly, but yaml_hostname raises a KeyError. Which of the following correctly explains the cause of the error and the correct fix?
Loading...
Q63 · Network Fundamentals
Your answer: C  ·  Correct: D
A developer is deploying a Python-based microservice that needs to communicate with three backend services: a database server at 172.16.30.10, an internal cache server at 172.16.30.45, and an external analytics platform at 203.0.113.80. The microservice host is configured with IP address 172.16.30.25/26, a default gateway of 172.16.30.1, and uses an internal DNS server at 172.16.30.5 to resolve hostnames. During testing, the developer observes that the database server and cache server are reachable by IP address, but the external analytics platform at 203.0.113.80 is unreachable. Additionally, attempts to resolve the hostname "analytics.external.com" fail, even though the internal DNS server is reachable. Which of the following most accurately explains BOTH observed failures?
Loading...
Q64 · Application Deployment and Security
Your answer: C  ·  Correct: A
A development team is building a CI/CD pipeline for a Python microservice. The pipeline is configured with the following stages in order: Source Control → Build → Unit Test → Security Scan → Staging Deploy → Production Deploy. A senior engineer reviews the pipeline and states that the Security Scan stage should specifically check for two critical issues: dependency vulnerabilities in third-party packages and static code analysis for insecure coding patterns. The team is also told that the pipeline must enforce a policy where the Docker image is only built ONCE and promoted through environments, rather than rebuilt at each stage. Which of the following BEST describes why building the image only once is a DevOps best practice, AND correctly identifies what the Security Scan stage would analyze in this pipeline?
Loading...
Q65 · Understanding and Using APIs
Your answer: A  ·  Correct: B
A developer is building a Python script that retrieves a list of active alerts from a network operations REST API. The API documentation specifies the following: - Endpoint: GET https://api.netops.example.com/v2/alerts - Authentication: API key passed in the request header as "X-API-Key" - Optional query parameter: "severity" to filter results (accepted values: "critical", "warning", "info") - The response body is JSON with a top-level key "alerts" containing a list of objects, each with fields "alert_id", "message", and "severity" - Success response: 200 OK - If the API key is missing or invalid: 403 Forbidden - If a query parameter value is not recognized: 400 Bad Request The developer writes the following script to retrieve only critical alerts and print each alert's ID and message: import requests url = "https://api.netops.example.com/v2/alerts" api_key = "netops-key-112233" response = requests.get(url, params={"severity": "critical"}, headers={"X-API-Key": api_key}) if response.status_code == 200: for alert in response.json()["data"]: print(alert["alert_id"], alert["message"]) else: print("Error:", response.status_code) The API returns a 200 OK response, but the script raises a KeyError. The developer confirms the API key is valid and the severity value is accepted. Which of the following is the most likely cause of the KeyError, and what is the correct fix?
Loading...
Q66 · Network Fundamentals
Your answer: D  ·  Correct: B
A developer is troubleshooting an application deployed in a corporate environment where users connect to internal services through a VPN. The application runs on a host at 10.50.4.22/27 and must reach two services: an internal configuration server at 10.50.4.45 and an external license validation server at 198.51.100.10. The host is configured with a default gateway of 10.50.4.1. The developer observes that requests to the external license server succeed, but all requests to the internal configuration server at 10.50.4.45 fail with a timeout. No firewall rules are blocking traffic between hosts in the 10.50.4.0 subnet. Which of the following best explains why the internal configuration server is unreachable?
Loading...
Q67 · Understanding and Using APIs
Your answer: C  ·  Correct: B
A developer is building a Python script that calls a REST API to retrieve the configuration status of a network device. The API documentation specifies the following: - Endpoint: GET https://api.netconfig.example.com/v1/devices/{device_id}/config - Authentication: API key passed in the request header as "X-API-Key" - Success response: 200 OK with a JSON body containing a "config_status" key - If the device exists but configuration retrieval is temporarily unavailable: 503 Service Unavailable - If the request is valid but the server cannot process it due to an internal fault: 500 Internal Server Error - If the requested device does not exist: 404 Not Found The developer writes the following script: import requests API_KEY = "cfg-key-998877" BASE_URL = "https://api.netconfig.example.com/v1/devices" device_id = "switch-42" url = BASE_URL + "/" + device_id + "/config" response = requests.get(url, headers={"X-API-Key": API_KEY}) print(f"Status: {response.status_code}") print(f"Config Status: {response.json()['config_status']}") During testing, the script prints "Status: 503" and then raises a KeyError on the next line. A colleague suggests that the fix is to change the API key header name to "Authorization" because 503 indicates an authentication failure. Which of the following correctly identifies the HTTP response code, explains the actual cause of the error, and describes the correct fix?
Loading...
Q68 · Application Deployment and Security
Your answer: A  ·  Correct: B
A development team is adopting DevOps practices and wants to implement a CI/CD pipeline for a containerized Python application. The pipeline must automatically run unit tests, scan for vulnerabilities, and deploy to a staging environment on every push to the main branch. A senior engineer outlines the following pipeline stages: Stage 1: Developer pushes code to the Git repository Stage 2: Pipeline triggers automatically and builds a Docker image Stage 3: Unit tests execute inside a container built from the image Stage 4: A static analysis tool scans the source code and a dependency checker scans requirements.txt Stage 5: The tested and scanned image is pushed to a container registry Stage 6: The image is pulled from the registry and deployed to the staging environment A junior developer proposes eliminating Stage 5 and having Stage 6 rebuild the image directly on the staging server from source code to "save time." The senior engineer rejects this proposal. Which of the following BEST explains why the senior engineer rejected the proposal, AND correctly identifies the DevOps principle being violated?
Loading...
Q70 · Infrastructure and Automation
Your answer: B  ·  Correct: C
A network automation engineer is evaluating tools to manage infrastructure across a hybrid environment that includes Cisco routers, cloud-based virtual machines, and on-premises servers. The team wants to use a tool that treats infrastructure configuration as declarative code files stored in version control, automatically detects and corrects configuration drift, and can provision both network devices and cloud resources using a single workflow. A second tool is also needed to handle day-2 operational tasks such as applying software updates, restarting services, and managing user accounts on Linux hosts using an agentless push model. Which of the following correctly matches each requirement to the most appropriate tool and explains the key distinction between them?
Loading...
Q71 · Understanding and Using APIs
Your answer: B  ·  Correct: C
A developer is writing a Python script that calls a REST API to create a new user account. The API documentation specifies the following: - Endpoint: POST https://api.usermgmt.example.com/v1/users - Authentication: Bearer token passed in the Authorization header - Request body must be JSON with fields: "username" (string), "email" (string), and "role" (string) - Success response: 201 Created with a JSON body containing the new user's "user_id" - If a user with the same email already exists: 409 Conflict The developer writes the following script: import requests TOKEN = "eyJhbGciOiJIUzI1NiJ9.tok987" url = "https://api.usermgmt.example.com/v1/users" payload = {"username": "jsmith", "email": "jsmith@example.com", "role": "viewer"} response = requests.post(url, headers={"Authorization": "Bearer " + TOKEN}, json=payload) if response.status_code == 201: print("User created:", response.json()["user_id"]) else: print("Failed:", response.status_code) After running the script for the first time, the output is "User created: 4892". The developer runs the script a second time without any changes and receives "Failed: 409". Which of the following correctly explains the cause of the 409 response and describes the appropriate way to handle this scenario in the script?
Loading...
Q73 · Software Development and Design
Your answer: B  ·  Correct: A
A development team is working on a Python project and maintains their source code in a Git repository. A developer named Maria is working on a branch called `feature/config-parser` and has made three commits. After reviewing the work, the team lead asks Maria to share her branch with the rest of the team so they can review and test the changes. Maria runs the following commands: git add config_parser.py git commit -m "Add YAML parsing support" git push origin feature/config-parser A second developer, Carlos, wants to start working from Maria's branch on his local machine, which does not yet have a local copy of the repository. He runs: git clone https://github.com/org/netautomation.git After cloning, Carlos confirms the `feature/config-parser` branch exists on the remote but does not appear in his local branch list when he runs `git branch`. Which of the following commands should Carlos run to create a local tracking branch that points to Maria's remote branch AND switch to it in a single step?
Loading...
Q75 · Cisco Platforms and Development
Your answer: C  ·  Correct: B
A developer is building a Python script that uses the Cisco Catalyst Center (formerly DNA Center) REST API to retrieve a list of all clients/hosts seen on the network. The developer has a valid authentication token and references the API documentation, which specifies that the endpoint to retrieve host/client information is GET https://<catalyst-center-ip>/dna/intent/api/v1/host, and that the token must be passed in the request header as "X-Auth-Token". The developer also wants to filter results to only wireless clients by passing the query parameter "hostType" with the value "WIRELESS". The developer writes the following script: import requests import urllib3 urllib3.disable_warnings() BASE_URL = "https://10.10.20.85" TOKEN = "eyJhbGciOiJSUzI1NiJ9.abc123" url = BASE_URL + "/dna/intent/api/v1/host" response = requests.get( url, headers={"X-Auth-Token": TOKEN}, params={"hostType": "WIRELESS"}, verify=False ) if response.status_code == 200: hosts = response.json()["response"] for host in hosts: print(host["hostName"], host["hostIp"]) else: print("Error:", response.status_code) The script returns a 200 OK response and iterates through several hosts successfully, but crashes with a KeyError on certain entries. The developer confirms the token is valid, the endpoint is correct, and the header name is properly set. Which of the following is the most likely cause of the KeyError, and what is the correct fix?
Loading...
Q76 · Infrastructure and Automation
Your answer: C  ·  Correct: A
A network automation engineer is reviewing the following partial YANG model and must determine the correct RESTCONF request to retrieve the configured description of an interface named "GigabitEthernet2" from a Cisco IOS XE router at 192.168.1.1. YANG model (simplified): module ietf-interfaces { namespace "urn:ietf:params:xml:ns:yang:ietf-interfaces"; container interfaces { list interface { key "name"; leaf name { type string; } leaf description { type string; } leaf enabled { type boolean; } } } } The engineer wants to retrieve only the "description" leaf for GigabitEthernet2 in JSON format. Which of the following Python snippets correctly constructs this RESTCONF GET request?
Loading...
Q77 · Network Fundamentals
Your answer: C  ·  Correct: B
A developer is building a Python application that provisions cloud resources and must communicate with two backend services: an internal secrets manager at 10.44.8.60 and an external certificate authority at 52.18.204.15. The application host is configured with IP address 10.44.8.90/27, a default gateway of 10.44.8.65, and uses a corporate DNS server at 10.44.8.68 for name resolution. During testing, the developer observes that attempts to reach the secrets manager at 10.44.8.60 time out, while the external certificate authority responds normally. No firewall rules are blocking traffic within the subnet. Which of the following best explains why the internal secrets manager is unreachable while the external destination works?
Loading...
Q78 · Understanding and Using APIs
Your answer: C  ·  Correct: B
A developer is building a Python script that needs to call two different REST APIs. The first API (Service A) uses HTTP Basic Authentication with a username and password. The second API (Service B) requires an API key passed as a query parameter named "token". After running the script below, Service A returns a 200 OK response, but Service B returns a 401 Unauthorized response. Which of the following correctly identifies the problem with the Service B request and provides the correct fix? import requests response_a = requests.get("https://api.service-a.com/data", auth=("admin", "secret123")) print("Service A:", response_a.status_code) response_b = requests.get("https://api.service-b.com/records", headers={"token": "sk-api-998877"}) print("Service B:", response_b.status_code)
Loading...
Q79 · Understanding and Using APIs
Your answer: A  ·  Correct: B
A developer is building a Python script that interacts with a REST API to manage configuration profiles. The API documentation specifies the following: - List all profiles: GET https://api.configportal.example.com/v1/profiles - Update a profile: PUT https://api.configportal.example.com/v1/profiles/{profile_id} - Authentication: API key passed in the request header as "X-API-Key" - Request body for PUT must be JSON with fields: "profile_name" (string) and "settings" (object) - Success responses: 200 OK for GET, 200 OK for PUT - If the profile does not exist: 404 Not Found - If the request body is malformed or missing required fields: 400 Bad Request The developer writes the following script to retrieve all profiles, then update the first profile's name to "updated-profile": import requests API_KEY = "cfg-api-334455" BASE_URL = "https://api.configportal.example.com/v1/profiles" HEADERS = {"X-API-Key": API_KEY} get_response = requests.get(BASE_URL, headers=HEADERS) profiles = get_response.json()["profiles"] first_id = profiles[0]["id"] update_payload = {"profile_name": "updated-profile", "settings": {"timeout": 30}} put_response = requests.put(BASE_URL + first_id, headers=HEADERS, json=update_payload) print("GET:", get_response.status_code) print("PUT:", put_response.status_code) After running the script, the GET returns 200 OK and profiles are retrieved correctly, but the PUT request returns 404 Not Found. The profile ID is confirmed to exist. Which of the following is the most likely cause and the correct fix?
Loading...
Q80 · Software Development and Design
Your answer: C  ·  Correct: B
A development team is refactoring a Python application that manages network device configurations. The application currently stores device data in a single global dictionary, renders configuration output directly inside the same function that fetches data from the API, and contains no separation between data retrieval, business logic, and presentation. A senior architect recommends restructuring the application using the Model-View-Controller (MVC) design pattern. After the refactor, a junior developer proposes the following assignment of responsibilities: - Model: A class called DeviceConfig that fetches raw data from the API, formats it into an HTML table, and applies compliance validation rules - View: A function that accepts a pre-formatted HTML string and writes it to a file - Controller: A class that receives user input and calls the Model directly to render output The senior architect rejects this proposal. Which of the following correctly explains why this assignment violates MVC principles and describes the correct separation of responsibilities?
Loading...
Q81 · Infrastructure and Automation
Your answer: A  ·  Correct: B
A network automation engineer is reviewing the following sequence diagram that describes an automated workflow for retrieving and applying device configurations using Cisco Catalyst Center. The engineer must identify what is happening at each step before approving the workflow for production. Step 1: Automation Script → Catalyst Center: POST /dna/system/api/v1/auth/token (Basic Auth: username + password) Step 2: Catalyst Center → Automation Script: 200 OK, Body: {"Token": "eyJhbGci..."} Step 3: Automation Script → Catalyst Center: GET /dna/intent/api/v1/network-device (Header: X-Auth-Token: eyJhbGci...) Step 4: Catalyst Center → Automation Script: 200 OK, Body: {"response": [{"id": "abc-123", "hostname": "core-sw-01", ...}]} Step 5: Automation Script → Catalyst Center: POST /dna/intent/api/v1/template-programmer/template/deploy (Header: X-Auth-Token: eyJhbGci..., Body: {"templateId": "tmpl-99", "targetInfo": [{"id": "abc-123", "type": "MANAGED_DEVICE"}]}) Step 6: Catalyst Center → Automation Script: 202 Accepted, Body: {"deploymentId": "dep-556"} Step 7: Automation Script → Catalyst Center: GET /dna/intent/api/v1/template-programmer/template/deploy/status/dep-556 (Header: X-Auth-Token: eyJhbGci...) Step 8: Catalyst Center → Automation Script: 200 OK, Body: {"status": "SUCCESS"} Which of the following accurately describes the complete workflow shown in this sequence diagram?
Loading...
Q82 · Infrastructure and Automation
Your answer: C  ·  Correct: B
A network automation engineer is reviewing the following Ansible playbook that was written to automate configuration tasks on a Cisco IOS router using the cisco.ios collection. The engineer must determine the complete workflow being performed before approving it for production. --- - name: Configure branch router hosts: branch_routers gather_facts: no tasks: - name: Set hostname and domain cisco.ios.ios_system: hostname: branch-rtr-01 domain_name: corp.example.com state: present - name: Configure loopback interface cisco.ios.ios_interfaces: config: - name: Loopback0 description: Management Loopback enabled: true state: merged - name: Apply NTP server settings cisco.ios.ios_ntp_global: config: servers: - server: 10.0.0.1 prefer: true state: replaced - name: Save running config to startup cisco.ios.ios_command: commands: - write memory Which of the following accurately describes the complete workflow being automated by this playbook?
Loading...
Q84 · Software Development and Design
Your answer: D  ·  Correct: B
A development team is working on a Python project stored in a Git repository. A developer named Priya is implementing a new API integration feature in a branch called `feature/api-client`. After completing the work, she wants to incorporate the latest changes from the `main` branch into her feature branch before submitting a pull request. She runs the following commands from her local machine: git checkout feature/api-client git fetch origin git merge origin/main After the merge completes successfully, Priya wants to verify exactly which lines were changed between her feature branch and the `main` branch before pushing. Which of the following Git commands correctly shows the line-by-line differences between her local `feature/api-client` branch and the remote `main` branch, AND which subsequent command will publish her updated feature branch to the remote repository?
Loading...
Q85 · Software Development and Design
Your answer: A  ·  Correct: B
A development team is working on a Python project with the following file structure: network_tool/ ├── __init__.py ├── inventory.py ├── compliance.py └── reporter.py The inventory.py module contains a class called DeviceInventory that fetches device data from an API. The compliance.py module contains a function called validate_config() that applies business rules. A developer writes the following code in a new script called main.py to use both modules: from network_tool.inventory import DeviceInventory from network_tool import compliance inv = DeviceInventory() devices = inv.fetch_all() results = compliance.validate_config(devices) print(results) After running the script, the developer receives an ImportError: cannot import name 'validate_config' from 'network_tool.compliance'. The file compliance.py exists and contains the validate_config() function. The developer confirms there are no syntax errors in compliance.py. Which of the following is the most likely cause of the ImportError, and what does this scenario illustrate about organizing code into modules?
Loading...
Q86 · Software Development and Design
Your answer: A  ·  Correct: B
A development team is migrating a Python application from a single-branch workflow to a feature-branch Git strategy. A developer named Lee is working on a branch called `feature/data-export` and has made several commits. The team lead asks Lee to ensure the `main` branch is fully up to date on the remote before merging. After completing the feature work, Lee runs the following sequence of commands: git checkout main git pull origin main git checkout feature/data-export git merge main git checkout main git merge feature/data-export git push origin main After running these commands, a colleague named Dana wants to review the exact line-by-line differences that were introduced by the feature branch before the merge was finalized. Which of the following Git commands should Dana run to compare the current state of `main` on the remote with the `feature/data-export` branch on the remote, and what does the output of a `git diff` command represent?
Loading...
Q88 · Understanding and Using APIs
Your answer: C  ·  Correct: B
A developer is building a Python script that retrieves device inventory from a REST API and needs to update the description of a specific device. The API documentation specifies the following: - Retrieve a device: GET https://api.inventory.example.com/v1/devices/{device_id} - Update a device: PUT https://api.inventory.example.com/v1/devices/{device_id} - Partial update: PATCH https://api.inventory.example.com/v1/devices/{device_id} - Authentication: Bearer token in the Authorization header - PUT requires a complete JSON body with all fields: "hostname" (string), "ip_address" (string), "description" (string) - PATCH accepts a partial JSON body with only the fields being changed - Success response: 200 OK The developer only wants to update the "description" field without overwriting the other fields, and writes the following script: import requests TOKEN = "inv-tok-778899" BASE_URL = "https://api.inventory.example.com/v1/devices" HEADERS = {"Authorization": "Bearer " + TOKEN} device_id = "dev-204" update_payload = {"description": "Core distribution switch - updated"} response = requests.put(BASE_URL + "/" + device_id, headers=HEADERS, json=update_payload) print(response.status_code) After running the script, the API returns 200 OK, but when the developer retrieves the device afterward, the "hostname" and "ip_address" fields are empty. Which of the following correctly explains why the fields were cleared and what change the developer should make?
Loading...
Q89 · Understanding and Using APIs
Your answer: D  ·  Correct: B
A developer is building a Python script that calls a REST API to retrieve a summary report for a specific organization. The API documentation specifies the following: - Endpoint: GET https://api.reporting.example.com/v1/orgs/{org_id}/summary - Authentication: API key passed in the request header as "X-API-Key" - Optional query parameter: "format" to specify output type (accepted values: "json", "csv") - Success response: 200 OK with a JSON body containing a top-level key "summary" with nested keys "total_devices" (integer) and "active_alerts" (integer) - If the org_id does not exist: 404 Not Found - If the API key is invalid: 403 Forbidden The developer writes the following script: import requests API_KEY = "rpt-key-334411" ORG_ID = "org-77" url = "https://api.reporting.example.com/v1/orgs/" + ORG_ID + "/summary" response = requests.get(url, params={"format": "json"}, headers={"X-API-Key": API_KEY}) if response.status_code == 200: data = response.json() print("Total Devices:", data["total_devices"]) print("Active Alerts:", data["active_alerts"]) else: print("Error:", response.status_code) After running the script, the API returns a 200 OK response, but the script raises a KeyError on the line accessing data["total_devices"]. The developer confirms the API key is valid, the org_id exists, and the endpoint URL is correct. Which of the following is the most likely cause and the correct fix?
Loading...
Q90 · Network Fundamentals
Your answer: C  ·  Correct: B
A developer is building a Python application that runs on a host with IP address 10.30.16.50/28 and must communicate with two internal services: a configuration API server at 10.30.16.60 and a logging aggregator at 10.30.16.5. The host is configured with a default gateway of 10.30.16.1. During testing, the developer observes that requests to the logging aggregator at 10.30.16.5 succeed, but all requests to the configuration API server at 10.30.16.60 time out. No firewall rules are blocking traffic on the network. Which of the following best explains why the configuration API server is unreachable while the logging aggregator is reachable?
Loading...
Q93 · Application Deployment and Security
Your answer: C  ·  Correct: B
A development team is building a CI/CD pipeline for a containerized Python application. The pipeline currently has the following stages: Source Control → Build → Unit Test → Staging Deploy → Production Deploy. A security engineer reviews the pipeline and recommends adding a stage that addresses two specific concerns: (1) the application uses several open-source Python packages listed in requirements.txt that may contain known CVEs, and (2) the application source code contains patterns such as hardcoded connection strings and use of eval() with user input. The security engineer also states that secrets required by the application at runtime — such as database passwords and API tokens — must never be stored in the Dockerfile or committed to the Git repository. Which of the following BEST describes where the new security stage should be inserted in the pipeline, what it should analyze, AND the correct mechanism for delivering secrets to the running container?
Loading...
Q94 · Software Development and Design
Your answer: B  ·  Correct: C
A development team is building a Python application that processes infrastructure configuration data. A developer writes the following code to parse three different data formats and extract a list of configured DNS servers: import xml.etree.ElementTree as ET import json import yaml xml_data = "<config><dns><server>8.8.8.8</server><server>8.8.4.4</server></dns></config>" json_data = '{"config": {"dns": {"servers": ["8.8.8.8", "8.8.4.4"]}}}' yaml_data = "config:\n dns:\n servers:\n - 8.8.8.8\n - 8.8.4.4" xml_root = ET.fromstring(xml_data) xml_servers = [elem.text for elem in xml_root.findall("dns/server")] json_parsed = json.loads(json_data) json_servers = json_parsed["config"]["dns"]["servers"] yaml_parsed = yaml.safe_load(yaml_data) yaml_servers = yaml_parsed["dns"]["servers"] The developer finds that xml_servers and json_servers both return ["8.8.8.8", "8.8.4.4"] correctly, but yaml_servers raises a KeyError. Which of the following correctly explains the cause of the error and the correct fix?
Loading...
Q96 · Infrastructure and Automation
Your answer: C  ·  Correct: B
A network automation engineer is designing a solution to manage configuration across a multi-vendor network. The team currently uses Ansible for ad hoc configuration tasks but needs a tool that can model the entire network as a single source of truth, translate high-level service definitions into vendor-specific CLI or YANG-based configurations, and automatically synchronize configuration state across Cisco IOS, Juniper JunOS, and third-party devices using a single abstraction layer. A colleague suggests that Ansible alone is sufficient because it supports multiple vendors through modules. The senior engineer disagrees and recommends Cisco NSO instead. Which of the following BEST explains why Cisco NSO is more appropriate than Ansible for this specific use case, and correctly identifies a core capability that distinguishes NSO from Ansible in a multi-vendor network automation context?
Loading...
Q97 · Infrastructure and Automation
Your answer: C  ·  Correct: A
A network automation engineer is evaluating two approaches for deploying configuration changes across a fleet of 150 routers. Approach 1 uses Terraform with declarative HCL configuration files stored in a Git repository, where the desired state of each device is defined and Terraform automatically detects and corrects any drift from that state. Approach 2 uses a set of Python scripts that connect to each device via SSH and execute CLI commands imperatively — each script must be manually run whenever a change is needed, and there is no mechanism to detect when a device's running configuration has diverged from the intended state. The team also needs to onboard two new engineers who must be able to understand the intended network state without reading through hundreds of lines of procedural code. Which of the following BEST describes the primary principle of Infrastructure as Code that Approach 1 demonstrates, and correctly identifies a key operational limitation of Approach 2 in this context?
Loading...
Q99 · Understanding and Using APIs
Your answer: B  ·  Correct: C
A developer is building a Python script that calls a REST API to retrieve telemetry data for a list of network devices. The API enforces rate limiting and returns paginated results. After the script runs successfully in a test environment with 10 devices, it is deployed against a production inventory of 300 devices. Shortly after execution begins, the API starts returning 429 responses, and the script crashes with an unhandled exception. The developer reviews the script: import requests API_KEY = "tel-key-112233" BASE_URL = "https://api.telemetry.example.com/v1/devices" HEADERS = {"X-API-Key": API_KEY} device_ids = [f"device-{i}" for i in range(1, 301)] all_data = [] for device_id in device_ids: url = BASE_URL + "/" + device_id + "/metrics" response = requests.get(url, headers=HEADERS) all_data.append(response.json()["metrics"]) print(f"Retrieved data for {len(all_data)} devices") Which of the following best explains the cause of the 429 responses AND describes the correct fix?
Loading...
Q101 · Software Development and Design
Your answer: A  ·  Correct: B
A development team is refactoring a Python network automation application and decides to restructure it using the Model-View-Controller (MVC) design pattern alongside the Observer pattern. A senior engineer describes the following scenario: "When the network state manager detects that a device has gone offline, the dashboard, alerting service, and audit logger all need to update automatically. Additionally, user requests to view device status should not trigger direct database queries from within the same class that renders the HTML response." A junior developer proposes a single class called NetworkManager that handles user input, queries the database, renders HTML output, and directly calls update() on the dashboard, alerting service, and audit logger whenever a device state changes. Which of the following correctly identifies the design pattern violations in the junior developer's proposal AND describes how applying both MVC and Observer would address them?
Loading...
Q103 · Infrastructure and Automation
Your answer: C  ·  Correct: B
A network automation engineer is designing a solution to test a proposed OSPF routing change across a large enterprise WAN before deploying it to production hardware. The team wants to simulate the full topology — including router configurations, link states, and routing protocol behavior — using virtual devices that mirror the production environment. A colleague suggests simply making the changes directly on a staging router to verify behavior. The senior engineer rejects this approach and instead recommends using Cisco Modeling Labs (CML). Separately, the team is also building an automated test suite that will verify device configurations and operational state after each deployment by connecting to live devices and running structured test cases defined in Python. Which of the following correctly identifies the appropriate tool for each requirement AND explains the key distinction between their roles in a network automation workflow?
Loading...
Q104 · Infrastructure and Automation
Your answer:  ·  Correct: B
A network automation engineer is building an Ansible playbook to automate the provisioning of a new application server. The engineer must interpret the following playbook before approving it for production: --- - name: Provision application server hosts: web_servers become: yes vars: app_port: 8080 tasks: - name: Install required packages apt: name: - nodejs - npm - git state: present update_cache: yes - name: Create service user user: name: webappuser shell: /bin/bash state: present create_home: yes - name: Stop existing web service service: name: apache2 state: stopped enabled: no - name: Deploy application configuration template: src: templates/webapp.conf.j2 dest: /etc/webapp/webapp.conf owner: webappuser mode: '0640' notify: Restart webapp - name: Start new web service service: name: webapp state: started enabled: yes handlers: - name: Restart webapp service: name: webapp state: restarted Which of the following accurately describes the complete workflow being automated by this playbook, including when the handler executes?
Loading...
Q105 · Software Development and Design
Your answer:  ·  Correct: B
A development team is building a Python application that processes network device configurations. The team is transitioning from a waterfall development methodology to an agile approach. A project manager who is unfamiliar with agile raises concerns that the team cannot commit to a fixed 12-month delivery timeline upfront, and insists that all requirements must be fully documented before any code is written. A senior engineer explains why agile is better suited for this project. Which of the following BEST describes a fundamental difference between agile and waterfall methodologies, AND correctly identifies why agile is more appropriate when requirements are expected to change during development?
Loading...
Correct Answers (39) ▸ expand
New Exam Dashboard Practice Mode